DevSecOps
Introduction to the Linux Foundation's SLSA project
Supply Chain Security is a hot topic these days. And more and more, we as developers are dealing with this daily. But what does this mean …
DevSecOps
9 articles
DevSecOps
The Power of #JFrog Build Info (Build Metadata)
Intro This article will take a detailed look at what the term build-info is all about and why it will help us protect against attacks such …
DevSecOps
SolarWinds hack and the Executive Order from Mr Biden -- And now?
In the past two years, we have had to learn a lot about cybersecurity. The new attack vectors are becoming more and more sophisticated and …
DevSecOps
What is the difference between SAST, DAST, IAST and RASP?
Intro: In this post, we’re going to look at the differences between the various cybersecurity defence techniques. Here you can …
DevSecOps
The Lifeline of a Vulnerability
Intro Again and again, we read something in the IT news about security gaps that have been found. The more severe the classification of …
DevSecOps
CVSS - explained - the Basics
Intro What is the Common Vulnerability Scoring System short called CVSS, who is behind it, what are we doing with it and what a CVSS Value …
DevSecOps
A Challenge of the Software Distribution
The four factors that are working against us Software development is more and more dependent on Dependencies and the frequency of …
DevSecOps
DevSecOps - Be Independent Again
What do the effects the news of the last few months can have to do with risk management and the presumption of storage, and why is it an …
DevSecOps
The quick Wins of DevSecOps
Hello and welcome to my DevSecOps post. Here in Germany, it’s winter right now, and the forests are quiet. The snow slows down …